SlideShare a Scribd company logo

Enhancement of Data Security in Cloud Computing

IOSR Journals
IOSR Journals

This document discusses security issues and challenges related to data security in cloud computing. It begins by providing background on cloud computing and its benefits. It then discusses some key security challenges including data breaches, insecure interfaces, denial of service attacks, eavesdropping, data loss, lack of compatibility between cloud services, abuse of cloud technologies, insufficient user understanding of risks, and safe storage of encryption keys. It also discusses issues regarding data integrity verification and privacy when data is outsourced to cloud servers. In the end, it recommends solutions such as homomorphic encryption, decentralized information flow control, and data accountability frameworks to enhance security in cloud computing.

Technology
1 of 6
Download to read offline
IOSR Journal of Computer Engineering (IOSR-JCE) e-ISSN: 2278-0661,p-ISSN: 2278-8727, Volume 18, Issue 2, Ver. IV (Mar-Apr. 2016), PP 12-17 www.iosrjournals.org DOI: 10.9790/0661-1802041217 www.iosrjournals.org 12 | Page Enhancement of Data Security in Cloud Computing: Issues and Challenges 1 Obed Jatauwycliff,2 Abdulrahman Saidu, 3 SuleimanAdamu 1 Information & Communication Technology Unit, Federal Polytechnic Bali, Taraba State 2 Department Computer Science, Federal Polytechnic Bali, Taraba State 3 Department of Computer Science, Federal College Of Education Yola, Adamawa State. Abstract: Cloud computing can save an organization’s time and money but trusting the system is very much important because the real asset of any organization is the data which they share in the cloud to use the needed service by putting it directly in the relational database.No organization can transfer its data or information to a third party until a bridge of trust is built. This paper provides a concise and all round analysis on data security and privacy protection issues associated with computing across all stages of data life cycle. It argues that, in contrast to the traditional solution where unauthorized third party can access organizational data illegally which raises a serious concern since data is scattered at different places all over the globe. The security concerns of users need to be addressed to make cloud environment safe and trustworthy. Every cloud provider solves this by encrypting data using encryption algorithm which is inadequate. The paper concludes by recommending that in addition to the traditional methods, the security of cloud computing can also be enhanced through authentication using thumb print, face, voice and image identification. Keywords:Cloud computing, Information Technology, Data Integrity, Authentication, Security and Challenges. I. Introduction Cloud computing is a type of computing that relies on sharing computing resources rather than having local services on personal devices to handle applications. In cloud computing, the word cloud is used as a metaphor for the internet.So the phrase Cloudmeans a type of internet based computing, where different services, storages and applications are delivered to an organization‟s computers and devices through the internet. Thus, Cloud Computing means storing and accessing data and programs over the internet instead of computer‟s hard drive. It can also be seen as the hardware and software resources in the data centers that provide diverse services over the network or internet to address the user requirements (Leavitt, 2009). A lot of research has been done on the potentials of cloud and the services that cloud computing can and could offer. In essence though, these services can be categorized into four main sections: Storage as a Service (StaaS), Platform as a Service (PaaS), Infrastructure as a Service (IaaS) and Software as a Service (SaaS).Cloud offers a storage space that is enormous, seemingly endless, and growing every day. Storage as a Service (StaaS) enables cloud applications to scale beyond their limited servers. Cloud storage systems are expected to meet several laborious equipment for maintaining users‟ data and information, including high availability, reliability, performance, replication and data consistency. In addition to those services, consumers are also relieved of their responsibility to own and maintain their own computer storage as cloud vendors offer them the choice of storing their information in the cloud which is accessible whenever they want. Cloud computing offers a prominent service for data known as cloud storage, but data security has always remained a major issue in IT and in cloud, it is particularly of serious concern since data are scattered at different places all over the globe. It can equally save an organization‟s time and money but trusting the system is very much important because the real asset of any organization is the data which they share in the cloud to use the needed services by putting it directly in the relational database through an application. But the security concerns of users must be addressed to make cloud environment trustworthy. In cloud computing a trustworthy environment is a basic prerequisite to win confidence of a user to adopt such technology. Data protection and security are the two main foremost factors for gaining user‟s trust and making the cloud successful. From the perspective of data security, which has always been an important aspect of quality of service, cloud computing inevitably poses new challenging security threats for number of reasons; Data stored on cloud servers is not completely secure from infection. While popular cloud services such as Google Docs are equipped with virus scanning software, there is still the possibility of an internal or external attack affecting your data; The data stored in the cloud may be frequently updated by the users, including insertion, deletion, modification; appending, reordering, etc. this post another challenge in cloud computing; In cloud computing there are three primary users that manage database i.e. User, Cloud Service Provider (CSP) and Third Party Auditor (TPA), each of this need an independent authentication to access the database. This is another issue in cloud computing
Enhancement of Data Security In Cloud Computing: Issues And Challenges DOI: 10.9790/0661-1802041217 www.iosrjournals.org 13 | Page that need security. Albeit the above challenges, this paper attempts to discuss how the security of cloud computing can further be enhanced to make it safe and trustworthy. II. Definition Of Key Terminologies Cloud Computing Security (CCA): It refers to a broad set of policies, technologies, and controls deployed to protect data, applications, and the associated infrastructure of cloud computing User:Users, who have data to be stored in the cloud and rely on the cloud for data computation, consist of both individual consumers and organizations. Cloud Service Provider (CSP):Is one who has significant resources and expertise in building and managing distributed cloud storage servers, owns and operates live cloud computing. Third Party Auditor (TPA):An optional TPA, who has expertise and capabilities that users may not have, is trusted to assess and expose risk of cloud storage services on behalf of the users upon request. III. Benefits Of Cloud Computing Cloud computing plays an important role in the advancement of Information Technology (IT) hence, adding value to human life. Some of the advantages are enumerated below:  It provide availability ofa huge array of software applications, seemingly unlimited storage, has given access to lightning processing power and the ability to easily share information across the globe.  Cloud computing allows consumers and corporate structure to use all the applications offered by the cloud without the extra effort of instillation and also offers access to their personal file from any computer anywhere at any time with internet access.  It offers access to a large number of sophisticated supercomputer and their resultant processing power, connected as numerous locations around the world, thus offering speed in the tens of trillions of computations per second.  It also promises tangible cost saving and speed to costumers. Despite these advantages, the cloud is not completely safe or trustworthy since data of the users can be compromised or illegally accessed by an unauthorized third party. This paper attempts to proffersolution on how to enhance security in cloud computing to make it safer, trustworthy and reliable. IV. Related Works Cloud computing is an informal expression used to describe different types of computing concepts that involve a large number of computers connected through a real-time communication network such as the Internet. This means it refers to network-based services which appear to be provided by real server hardware, which in fact served up by virtual hardware, simulated by software running on one or more real machines. Such virtual servers do not physically exist and can therefore be moved around and scaled up (or down) on the fly without affecting the end user - arguably, rather like a cloud (Carrol et al. 2012). Cloud computing has emerged to become one of companies‟ greatest means of reviving and enhancing their business and IT infrastructure. Nevertheless, there are certain data security issues and challenges related to cloud computing. In everyday computing, security is one of the most acute aspects to be considered and it is no less important for cloud computing due to the sensitivity and significance of data stored in the cloud, (Al Zain et al. 2012). In cloud computing operations, there are issues of secure data transfer, secure software interfaces, secure stored data, and user access control and data separation, which are very important in ensuring the integrity of client data(Beckham, 2011). Rewagad and Pawar (2013) maintains that in cloud computing, organizations can use services and data that can be stored at any location beyond their control, this facility has raised various security questions such as privacy, confidentiality, integrity etc., and it demands a trustworthy computing atmosphere where data confidentiality can be maintained. The authors have proposed a very good solution to the security questions raised by using three kinds of protection scheme. One is to use the Diffie-Hellman Algorithm to generate keys for the key exchange step. Next, digital image signature will be used for authentication; afterwards, the Advance Encryption Standard (AES) encryption algorithm will be used to encrypt or decrypt the user‟s data file. In the cloud computing environment, data security issues can be divided into four types: safety problems caused by virtual technology; root authority of the data centre; data security and consistency; and problems prompted by new technology, (Han and Zhang, 2012). In order to overcome the outlined security issues the authors introduced new technology, which is the agent. According to them, at present, agent-oriented technology as a software system designed and developed by new methods is of widespread interest in academia and the business community. Its features are autonomy, responsiveness, initiative, social and others. Likewise, data transmissions in networks are often intercepted, tampered with or replaced by hackers (Weihai, 2013). This author outlined that there is a guarantee of the security of data transmission on the network to HTTPS, or TCP/IP, which is coupled with modern cryptographic algorithms and network security equipment.
Enhancement of Data Security In Cloud Computing: Issues And Challenges DOI: 10.9790/0661-1802041217 www.iosrjournals.org 14 | Page Another problem mentioned is that data storage security is non-volatile or has a fast recovery after a loss. It was proposed that this security issue be taken into consideration by software engineers in the design stage of cloud storage services. Also, data redundancy, dynamic, and isolation should be included in the design. It was added that management needs to consider the replacement or deactivation of service providers because, once the cooperation agreement expires, as the user may disable a service, it is uncertain what will happen to the data stored in the cloud or whether it will be returned to its owner. The solution he provided is to use the products of another service provider, who will then deal with seamless data panning. Furthermore, it was maintained that, in cloud computing infrastructure, the sharing of physical resources causes crises in data security and privacy, and one can no longer rely on a physical machine or network boundary. Moreover, users worry about the transparency of the data storage location. Therefore, it has been suggested that relevant laws and regulations be put in place as soon as possible and must be compatible with data between cloud computing service providers and client to ensure that seamlessly pan (faultless damage) data, and service providers should establish effective and efficient disaster recovery machinery to guarantee the accessibility of the data (ibid). Similarly, one of the most important concerns about cloud data storage is data integrity verification and untrustworthy servers. Another big concern from the previous design of cloud computing is that of supporting dynamic data operation for cloud data storage, (Wang et al. 2011). In order to solve these problems, these authors have proposed cloud data storage architecture with three basic components; One of them is the client, an entity that has large data files to be stored in the cloud and relies on the cloud for data maintenance and computation; they can be either individual dual consumers or organizations. The second is Cloud Storage Server (CSS), an entity managed by the Cloud Service Provider (CSP). The third component is the third-party auditor, an entity with the expertise and capabilities that clients do not have, who is trusted to assess and expose the risks of the cloud storage service on behalf of the clients at their request. The foregoing shows the important role that cloud computing plays in managing data across the world through computer networks by the service of the Internet. Effective and efficient management of data in the cloud has posed many security challenges that need to be addressed. However, various solutions have been proposed and some have been implemented. Nonetheless, there are some gaps that need to be filled in order to obtain a dynamic, functional and secure cloud computing atmosphere. V. Security Issues And Challenges Companies and organization are rapidly moving unto cloud because they can now use the best resources available in the global market in the blink of an eye and thus reduce their operations cost drastically. But as more information is moved to the cloud, the security concern have started to develop. Some of the security challenges are classified below: Defect of Trend The IBM developed a fully homomorphic encryption scheme in June 2009. This scheme allows data to be processed without being decrypted. Roy I and Ramadan HE applied Decentralized Information Flow Control (DIFC) and differential privacy protection technology into data generation and calculation stages in cloud and put forth a privacy protection system called airavat. This system can prevent privacy leakage without authorization in Map-Reduce computing process. A key problem for data encryption solutions is key management. On one hand, the users have not enough expertise to manage their keys. On the other hand, the cloud service providers need to maintain a large number of user keys. The organization for the Advancement of Structured Information Standards(OASIS) key Management Interoperability Protocols (KMIP) is trying to solve such issues.(OASIS, NY).About data integrity verification, because of data communication, transfer fees and time cost, the user cannot first download data to verify its correctness and then upload the data. And as the data is dynamic in cloud storage, traditional data integrity solutions are no longer suitable. NEC Labs Provable Data Integrity (PDI) solution can support public data integrity verification,(Zeng K, 2008). Also, Cong Wang et al( 2009: 1-9)proposed a mathematical way to verify the integrity of the data dynamically stored in the cloud.In the data storage and use stages, Mowbray proposed a client-based privacy management tool. It provides a user centric trust model to help users to control the storage and use of their sensitive information in the cloud. Munts-Mulero discussed the problems that existing privacy protection technologies (such as K anonymous, Graph Anonymization, and data pre-processing methods) faced when applied to large data and analyzed current solutions. The challenge of data privacy is sharing data while protecting personal privacy information. In a related development,RandikeGanjanayake proposed a privacy protection framework based on Information Accountability (IA) components. The IA agent can identify the users who are accessing information and the types of information they use. When inappropriate misuse is detected, the agents defines a set of method to hold the users accountable for misuse, (RandikeGajanayake, et al, September 2006).
Enhancement of Data Security In Cloud Computing: Issues And Challenges DOI: 10.9790/0661-1802041217 www.iosrjournals.org 15 | Page Data Integrity  Data breaching is the biggest security issue. A capable hacker can easily intrude in to a client side application and get into the client‟s confidential data.  Inefficient and flawed APIs (Access Point Infrastructures) and interfaces become easy targets.IT companies that provide cloud services allow third party companies to modify the APIs and introduce their own functionality which in turns allows these companies to understand the inner working of the cloud.  Denial of Service (DoS) is also a major threat wherein the user is granted partial or no access to his/her data. Companies now use cloud 24/7 and DoS can cause huge increase in cost both for the user and service provider.  Connection eavesdropping means that a hacker can scan your online activities and reproduce/replay a particular transmission to get into your private data. It can also lead the user to illegal or unwanted sites.  Data loss is another issue. A malicious hacker can wipe the data or any natural/man-made disaster can destroy your data. In such cases having an offline copy is a big advantage. Carelessness of service provider can also lead to data loss.  Compatibility between different cloud services is also an issue. If a user decides to move from one cloud to another the compatibility ensures that there is no loss of data.  Cloud can also be used for wrong purposes i.e. cloud abuse. Due to the availability of latest technologies on the cloud it can be used for high end calculations which cannot be done on a standard computer.  Insufficient understanding of cloud technologies can lead to unknown levels of risk. Companies move to cloud because it provides substantial reduction in cost but if transfer is done without proper background learning. The problem arise can be even greater.  Inside theft in the form of a current or former employee, a contractor, etc who is able to use the data for harmful purposes.  Safe storage of encryption keys is also a problem. Even if you are using encryption for enhanced security, safe keeping becomes an issue. Who should be the owner of the key? User seems to be the answer but how diligent and careful can he/she decide the security of the data.( Notorious Nine, Cloud Security, Info World February 25, May 2013 accessed from http://www.infoworld.com)  Disaster and Data Breach: with the cloud security as a single centralized repository for a company‟s mission-critical data, the risks of having that data compromised due to a data breach or temporarily unavailable due to a natural disaster are real concerns. Therefore, clients need to know how their data is being secured and what measure of the integrity and availability of data in case of natural disaster. Also, what is the measure if there breach agreement between the cloud and clients? Minqui Zhou et al. (2010) andKresimirpopovic et al. (2010) classify the various threats concerning cloud security in the following areas:  Access: The aim of cloud services to provide information to the user from any place, at any time. As a web service cloud enables the user to access his/her data from anywhere and this is applicable to all the services being provided by it. The client should know where data is being stored. In a situation where the client ask the cloud service provider to delete his/her data. The data should be deleted. The cloud service provider should not withhold any information.  Control: In a cloud, controlling the system and its use is important. The amount of data that is visible to any member of the service provider should be controlled. The visibility of the data defines the level of control.  Compliance: Proper authorities need to define laws to govern the safekeeping of data in the cloud because cloud can cross multiple jurisdictions around the world. If a piece of data is stored in a different country and it contains sensitive data that is wanted by the authorities than the rules apply on data that data.  Data Integrity: Data integrity in simple terms means that the data is preserved and no changes are made without the user‟s permission. In cloud, data integrity is a fundamental requirement.  Audit: This means to keep a simple check on the activities happening on the cloud. The presence of an auditing mechanism can maintain a long list of events to help prevent breaches.  Privacy Breaches: The cloud service provider should inform its user about any breach in security. The user has to the right to know what‟s happening in his/her space.  Confidentiality: This ensures that the user‟s data is kept secret. Confidentiality is one aspect of cloud storage security that will raise questions in a common users mind. Cloud as such is a public network and is susceptible to more threats, thus, confidentiality is very important.
Enhancement of Data Security In Cloud Computing: Issues And Challenges DOI: 10.9790/0661-1802041217 www.iosrjournals.org 16 | Page VI. Techniques Of Enhancing Data In Cloud Computing The encryption algorithm: Thisis the most commonly used technique to protect data cloud environment. The data related to a client can be categorized as public data and private data. The public data is sharable among trusted clients that provide an open environment for collaboration. Private data is client‟s confidential data that must be transferred in encrypted form for security and privacy. According to key characteristics, modem cryptosystem can be classified into symmetric cryptosystem and asymmetric cryptosystem. For a symmetric cryptosystem, the sender and receiver share an encryption key and decryption key. These two keys are the same or easy to deduce each other. The representatives of symmetric cryptosystem are DES (Data Encryption Standard), 3DES and AES (Advanced Encryption Standard. For an asymmetric cryptosystem, the receiver possesses public key and private key. The public key can be published but the private key should be kept secret.The cloud architecture deployed with samba storage uses operating system feature specifying permission values for three attribute (User/Owner, Group andGlobal) and maps it to cryptographic application which performs cryptographic operations. Cryptographic application: Thissupports symmetric and asymmetric encryption algorithm to encrypt/decrypt data for uploading/downloading within cloud storage.Users should be equipped with security means so that they can make continuous correctness assurance of their stored data even without the existence of local copies. In case that user does not necessarily have the time, feasibility or resources to monitor their data, they can make or delegate the tasks to an optional trusted TPA of their respective choices. In our model, we assume that the point-to point communication channels between each cloud server and the user is authenticated and reliable, which can be achieved in practice with little overhead. Data Protection: Securing your data both at rest and in transit: Implementing a cloud computing strategies means placing critical data in the hands of a third party, so ensuring the data remains secure both at rest (data residing on storage media) as well as when in transit is of paramount important. Data needs to be encrypted at all times, with clearly defined roles when it comes to who will be managing the encryption keys. In most cases, the only way to truly ensure confidentiality of encrypted data that resides on a cloud provider‟s storage servers is for the client to own and manage the data encrypted keys. Contingency Planning:cloud providers necessary measures for internal external backup in case of natural disasters.Additionally, companies should also have contingency plans in place in the event their cloud provider fails or goes bankrupt User Authentication: limiting access to data and monitoring who accesses the data:Data resting in the cloud needs to be accessible only by those who authorized to do so. In order to ensure the integrity of user authentication, companies need to be able to view data access logs and audit trails to verify that only authorized users are accessing the data. To achieve this, various steps of authentication are provided in terms of communication among Client machine with cryptographic module and server storage. VII. Conclusion The authors were able to examine and reveal the security issues and challenges that generally affect the integrity of data in cloud computing. They also outlined possible techniques that will assist enhancement of data reliability in cloud computing environment. In addition, the authors suggested good ways of collaboration between cloud computing providers and clients. VIII. Recommendation In this digital age of globalization, the role that cloud computing plays in managing data across the world through computer networks by the service of the Internet which in turn has improved research and development, commerce and industry, corporate governance, health and related issues cannot be taken with levity. Thus, effective and efficient management of data in cloudcomputing becomes not only important but necessary. Therefore, many security challenges posed and needbe addressed. Despite the fact that various solutions have been proposed and some have been implemented (as discussed), there still remain some gaps that need to be filled in order to obtain a dynamic, functional and secure cloud computing atmosphere. In view of the above, the following techniques/algorithm were suggested that will provide secure atmosphere:  Username and password allocated to user for access to server storage  Verification and validation are performed by matching details stored in server storage  After user authentication storage is allocated for uploading and downloading  Cryptographic application based on AES and ECC with SHA used for encryption/decryption operation on data.  The user should be provided with storage space and decides to upload data using encryption application or directly on storage.  Data downloaded from storage space and decrypted using key stored in user‟s mail server  After upload and download user logout from server storage  Storage loaded to server and connection terminated.
Enhancement of Data Security In Cloud Computing: Issues And Challenges DOI: 10.9790/0661-1802041217 www.iosrjournals.org 17 | Page In addition, the use of thump print, face, and voice and image identification should be adopted for user authentication. Reference [1]. Al Zain, M., Soh, B., &Pardede, E. (2012). A New Approach Using Redundancy Technique to Improve Security in Cloud Computing. IEEE. [2]. Beckham, J. (2011), „The Top 5 Security Risks of Cloud Computing‟ available at: http://blogs.cisco.com/smallbusiness/the-top-5- security-risks-of-cloud-computing/(accessed 17/09/2013). [3]. Chanderetal.(2013)International Journal of Advanced Research in Computer Science and Software Engineering Vol 3(5) May - 2013, pp. 570-575 [4]. Han, D. and Zhang, F. (2012), Applying Agents to the Data Security in Cloud Computing. International Conference on Computer Science and Information Processing (CSIP). IEEExplore Pp. 1126 – 1127 [5]. kresimirpopovic and ZeljkoHocenski (2010) Cloud Computing Security and Challenges in MPRO Mariana Carroll, Paula Kotzé, Alta van der Merwe (2012). "Securing Virtual and CloudEnvironments". In I. Ivanov et al. Cloud Computing and Services Science, Service Science: Research and Innovations in the Service Economy. Springer Science+Business Media.doi:10.1007/978-1- 4614-2326-3. [6]. Minqui Zhou, Rong Zhang, etal. (2010)“ Security and Privacy in Cloud Computing: A Survey” In Sixth International Conference on Semantics, Knowledge and Grids.No author stated, (NY) Notorious Nine, Cloud Security, Info World February 25, May 2013 [Online] http://www.infoworld.com [7]. Rewagad, P. and Pawar, Y. (2003), Using Digital Signature with Differ Hellman Key Exchange and AES Encryption Algorithm to Enhance Data security in Cloud Computing. International Conference on Communication System and Network TechnologiesIEEExplore Pp. 437 - 438 [8]. VeerajuGampala, SrilaskhmiInuganti, Satish Muppidi, “Data Security in Cloud Computing with Elliptic Curve Cryptography” vol. 2 Issues 3, July, 2012. [9]. Weihai, P.R. (2013), Data Security in Cloud Computing. The 8th International Conference onComputer Science and Education (ICCSE)IEEExplor. Pp. 811- 813 Columbo, Sri Lanka [10]. Wang, Q., Wang, C., Ren, K., Lou, W. and Li, J. (2011). Enabling Public Auditability and Data Dynamics for Storage Security in Cloud ComputingIEEE Transactions on Parallel and Distributed System Vol. 22, No. 5, Pp. 848 – 849.

Recommended

G033030035
G033030035G033030035
G033030035ijceronline
 
Fog doc
Fog doc Fog doc
Fog doc priyanka reddy
 
A survey on data security in cloud computing issues and mitigation techniques
A survey on data security in cloud computing issues and mitigation techniquesA survey on data security in cloud computing issues and mitigation techniques
A survey on data security in cloud computing issues and mitigation techniqueseSAT Publishing House
 
Security of Data in Cloud Environment Using DPaaS
Security of Data in Cloud Environment Using DPaaSSecurity of Data in Cloud Environment Using DPaaS
Security of Data in Cloud Environment Using DPaaSIJMER
 
Challenges of IP protection in era of cloud computing
Challenges of IP protection in era of cloud computingChallenges of IP protection in era of cloud computing
Challenges of IP protection in era of cloud computingBrandix India Apparel City Pvt Ltd.
 
Privacy Issues In Cloud Computing
Privacy Issues In Cloud ComputingPrivacy Issues In Cloud Computing
Privacy Issues In Cloud Computingiosrjce
 
Ad4502189193
Ad4502189193Ad4502189193
Ad4502189193IJERA Editor
 
Challenges and Proposed Solutions for Cloud Forensic
Challenges and Proposed Solutions for Cloud ForensicChallenges and Proposed Solutions for Cloud Forensic
Challenges and Proposed Solutions for Cloud ForensicIJERA Editor
 

Recommended

G033030035
G033030035G033030035
G033030035ijceronline
 
Fog doc
Fog doc Fog doc
Fog doc priyanka reddy
 
A survey on data security in cloud computing issues and mitigation techniques
A survey on data security in cloud computing issues and mitigation techniquesA survey on data security in cloud computing issues and mitigation techniques
A survey on data security in cloud computing issues and mitigation techniqueseSAT Publishing House
 
Security of Data in Cloud Environment Using DPaaS
Security of Data in Cloud Environment Using DPaaSSecurity of Data in Cloud Environment Using DPaaS
Security of Data in Cloud Environment Using DPaaSIJMER
 
Challenges of IP protection in era of cloud computing
Challenges of IP protection in era of cloud computingChallenges of IP protection in era of cloud computing
Challenges of IP protection in era of cloud computingBrandix India Apparel City Pvt Ltd.
 
Privacy Issues In Cloud Computing
Privacy Issues In Cloud ComputingPrivacy Issues In Cloud Computing
Privacy Issues In Cloud Computingiosrjce
 
Ad4502189193
Ad4502189193Ad4502189193
Ad4502189193IJERA Editor
 
Challenges and Proposed Solutions for Cloud Forensic
Challenges and Proposed Solutions for Cloud ForensicChallenges and Proposed Solutions for Cloud Forensic
Challenges and Proposed Solutions for Cloud ForensicIJERA Editor
 
A survey on secured data outsourcing in cloud computing
A survey on secured data outsourcing in cloud computingA survey on secured data outsourcing in cloud computing
A survey on secured data outsourcing in cloud computingIAEME Publication
 
Fog computing a new concept to minimize the attacks and to provide security i...
Fog computing a new concept to minimize the attacks and to provide security i...Fog computing a new concept to minimize the attacks and to provide security i...
Fog computing a new concept to minimize the attacks and to provide security i...eSAT Publishing House
 
The Riisk and Challllenges off Clloud Computtiing
The Riisk and Challllenges off Clloud ComputtiingThe Riisk and Challllenges off Clloud Computtiing
The Riisk and Challllenges off Clloud ComputtiingIJERA Editor
 
Cloud Computing- Proposal (Autosaved)
Cloud Computing- Proposal (Autosaved)Cloud Computing- Proposal (Autosaved)
Cloud Computing- Proposal (Autosaved)Zuhair Haroon khan
 
Security Issues’ in Cloud Computing and its Solutions.
Security Issues’ in Cloud Computing and its Solutions. Security Issues’ in Cloud Computing and its Solutions.
Security Issues’ in Cloud Computing and its Solutions. IJCERT JOURNAL
 
Public Key Encryption algorithms Enabling Efficiency Using SaaS in Cloud Comp...
Public Key Encryption algorithms Enabling Efficiency Using SaaS in Cloud Comp...Public Key Encryption algorithms Enabling Efficiency Using SaaS in Cloud Comp...
Public Key Encryption algorithms Enabling Efficiency Using SaaS in Cloud Comp...Editor IJMTER
 
An efficient and secure data storage in cloud computing using modified RSA pu...
An efficient and secure data storage in cloud computing using modified RSA pu...An efficient and secure data storage in cloud computing using modified RSA pu...
An efficient and secure data storage in cloud computing using modified RSA pu...IJECEIAES
 
50120140503020
5012014050302050120140503020
50120140503020IAEME Publication
 
Solutions of cloud computing security issues
Solutions of cloud computing security issuesSolutions of cloud computing security issues
Solutions of cloud computing security issuesJahangeer Qadiree
 
A study on_security_and_privacy_issues_o
A study on_security_and_privacy_issues_oA study on_security_and_privacy_issues_o
A study on_security_and_privacy_issues_oPradeep Muralidhar
 
IRJET- Secure Cloud Storage through Dual Protection
IRJET- Secure Cloud Storage through Dual ProtectionIRJET- Secure Cloud Storage through Dual Protection
IRJET- Secure Cloud Storage through Dual ProtectionIRJET Journal
 
Ijarcet vol-2-issue-4-1405-1409
Ijarcet vol-2-issue-4-1405-1409Ijarcet vol-2-issue-4-1405-1409
Ijarcet vol-2-issue-4-1405-1409Editor IJARCET
 
Enhancing Data Storage Security in Cloud Computing Through Steganography
Enhancing Data Storage Security in Cloud Computing Through SteganographyEnhancing Data Storage Security in Cloud Computing Through Steganography
Enhancing Data Storage Security in Cloud Computing Through SteganographyIDES Editor
 
Eb31854857
Eb31854857Eb31854857
Eb31854857IJERA Editor
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud ComputingAzhar Hassan
 
Cloud Computing Security Issues and Challenges
Cloud Computing Security Issues and ChallengesCloud Computing Security Issues and Challenges
Cloud Computing Security Issues and ChallengesCSCJournals
 
B042306013
B042306013B042306013
B042306013ijceronline
 
70 74
70 7470 74
70 74Editor IJARCET
 
A Survey on Cloud Computing Security – Challenges and Trust Issues
A Survey on Cloud Computing Security – Challenges and Trust IssuesA Survey on Cloud Computing Security – Challenges and Trust Issues
A Survey on Cloud Computing Security – Challenges and Trust IssuesIJCSIS Research Publications
 
Aes based secured framework for cloud databases
Aes based secured framework for cloud databasesAes based secured framework for cloud databases
Aes based secured framework for cloud databasesIJARIIT
 
kapil (1)
kapil (1)kapil (1)
kapil (1)Kapil Upadhyay
 
Những trải nghiệm không nên bỏ lỡ khi đến phan thiết (p2)
Những trải nghiệm không nên bỏ lỡ khi đến phan thiết (p2)Những trải nghiệm không nên bỏ lỡ khi đến phan thiết (p2)
Những trải nghiệm không nên bỏ lỡ khi đến phan thiết (p2)Hanh Hoa
 

More Related Content

What's hot

A survey on secured data outsourcing in cloud computing
A survey on secured data outsourcing in cloud computingA survey on secured data outsourcing in cloud computing
A survey on secured data outsourcing in cloud computingIAEME Publication
 
Fog computing a new concept to minimize the attacks and to provide security i...
Fog computing a new concept to minimize the attacks and to provide security i...Fog computing a new concept to minimize the attacks and to provide security i...
Fog computing a new concept to minimize the attacks and to provide security i...eSAT Publishing House
 
The Riisk and Challllenges off Clloud Computtiing
The Riisk and Challllenges off Clloud ComputtiingThe Riisk and Challllenges off Clloud Computtiing
The Riisk and Challllenges off Clloud ComputtiingIJERA Editor
 
Cloud Computing- Proposal (Autosaved)
Cloud Computing- Proposal (Autosaved)Cloud Computing- Proposal (Autosaved)
Cloud Computing- Proposal (Autosaved)Zuhair Haroon khan
 
Security Issues’ in Cloud Computing and its Solutions.
Security Issues’ in Cloud Computing and its Solutions. Security Issues’ in Cloud Computing and its Solutions.
Security Issues’ in Cloud Computing and its Solutions. IJCERT JOURNAL
 
Public Key Encryption algorithms Enabling Efficiency Using SaaS in Cloud Comp...
Public Key Encryption algorithms Enabling Efficiency Using SaaS in Cloud Comp...Public Key Encryption algorithms Enabling Efficiency Using SaaS in Cloud Comp...
Public Key Encryption algorithms Enabling Efficiency Using SaaS in Cloud Comp...Editor IJMTER
 
An efficient and secure data storage in cloud computing using modified RSA pu...
An efficient and secure data storage in cloud computing using modified RSA pu...An efficient and secure data storage in cloud computing using modified RSA pu...
An efficient and secure data storage in cloud computing using modified RSA pu...IJECEIAES
 
Solutions of cloud computing security issues
Solutions of cloud computing security issuesSolutions of cloud computing security issues
Solutions of cloud computing security issuesJahangeer Qadiree
 
A study on_security_and_privacy_issues_o
A study on_security_and_privacy_issues_oA study on_security_and_privacy_issues_o
A study on_security_and_privacy_issues_oPradeep Muralidhar
 
IRJET- Secure Cloud Storage through Dual Protection
IRJET- Secure Cloud Storage through Dual ProtectionIRJET- Secure Cloud Storage through Dual Protection
IRJET- Secure Cloud Storage through Dual ProtectionIRJET Journal
 
Ijarcet vol-2-issue-4-1405-1409
Ijarcet vol-2-issue-4-1405-1409Ijarcet vol-2-issue-4-1405-1409
Ijarcet vol-2-issue-4-1405-1409Editor IJARCET
 
Enhancing Data Storage Security in Cloud Computing Through Steganography
Enhancing Data Storage Security in Cloud Computing Through SteganographyEnhancing Data Storage Security in Cloud Computing Through Steganography
Enhancing Data Storage Security in Cloud Computing Through SteganographyIDES Editor
 
Cloud Computing Security Issues and Challenges
Cloud Computing Security Issues and ChallengesCloud Computing Security Issues and Challenges
Cloud Computing Security Issues and ChallengesCSCJournals
 
A Survey on Cloud Computing Security – Challenges and Trust Issues
A Survey on Cloud Computing Security – Challenges and Trust IssuesA Survey on Cloud Computing Security – Challenges and Trust Issues
A Survey on Cloud Computing Security – Challenges and Trust IssuesIJCSIS Research Publications
 
Aes based secured framework for cloud databases
Aes based secured framework for cloud databasesAes based secured framework for cloud databases
Aes based secured framework for cloud databasesIJARIIT
 

What's hot (20)

A survey on secured data outsourcing in cloud computing
A survey on secured data outsourcing in cloud computingA survey on secured data outsourcing in cloud computing
A survey on secured data outsourcing in cloud computing
 
Fog computing a new concept to minimize the attacks and to provide security i...
Fog computing a new concept to minimize the attacks and to provide security i...Fog computing a new concept to minimize the attacks and to provide security i...
Fog computing a new concept to minimize the attacks and to provide security i...
 
The Riisk and Challllenges off Clloud Computtiing
The Riisk and Challllenges off Clloud ComputtiingThe Riisk and Challllenges off Clloud Computtiing
The Riisk and Challllenges off Clloud Computtiing
 
Cloud Computing- Proposal (Autosaved)
Cloud Computing- Proposal (Autosaved)Cloud Computing- Proposal (Autosaved)
Cloud Computing- Proposal (Autosaved)
 
Security Issues’ in Cloud Computing and its Solutions.
Security Issues’ in Cloud Computing and its Solutions. Security Issues’ in Cloud Computing and its Solutions.
Security Issues’ in Cloud Computing and its Solutions.
 
Public Key Encryption algorithms Enabling Efficiency Using SaaS in Cloud Comp...
Public Key Encryption algorithms Enabling Efficiency Using SaaS in Cloud Comp...Public Key Encryption algorithms Enabling Efficiency Using SaaS in Cloud Comp...
Public Key Encryption algorithms Enabling Efficiency Using SaaS in Cloud Comp...
 
An efficient and secure data storage in cloud computing using modified RSA pu...
An efficient and secure data storage in cloud computing using modified RSA pu...An efficient and secure data storage in cloud computing using modified RSA pu...
An efficient and secure data storage in cloud computing using modified RSA pu...
 
50120140503020
5012014050302050120140503020
50120140503020
 
Solutions of cloud computing security issues
Solutions of cloud computing security issuesSolutions of cloud computing security issues
Solutions of cloud computing security issues
 
A study on_security_and_privacy_issues_o
A study on_security_and_privacy_issues_oA study on_security_and_privacy_issues_o
A study on_security_and_privacy_issues_o
 
IRJET- Secure Cloud Storage through Dual Protection
IRJET- Secure Cloud Storage through Dual ProtectionIRJET- Secure Cloud Storage through Dual Protection
IRJET- Secure Cloud Storage through Dual Protection
 
Ijarcet vol-2-issue-4-1405-1409
Ijarcet vol-2-issue-4-1405-1409Ijarcet vol-2-issue-4-1405-1409
Ijarcet vol-2-issue-4-1405-1409
 
Enhancing Data Storage Security in Cloud Computing Through Steganography
Enhancing Data Storage Security in Cloud Computing Through SteganographyEnhancing Data Storage Security in Cloud Computing Through Steganography
Enhancing Data Storage Security in Cloud Computing Through Steganography
 
Eb31854857
Eb31854857Eb31854857
Eb31854857
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
Cloud Computing Security Issues and Challenges
Cloud Computing Security Issues and ChallengesCloud Computing Security Issues and Challenges
Cloud Computing Security Issues and Challenges
 
B042306013
B042306013B042306013
B042306013
 
70 74
70 7470 74
70 74
 
A Survey on Cloud Computing Security – Challenges and Trust Issues
A Survey on Cloud Computing Security – Challenges and Trust IssuesA Survey on Cloud Computing Security – Challenges and Trust Issues
A Survey on Cloud Computing Security – Challenges and Trust Issues
 
Aes based secured framework for cloud databases
Aes based secured framework for cloud databasesAes based secured framework for cloud databases
Aes based secured framework for cloud databases
 

Viewers also liked

Những trải nghiệm không nên bỏ lỡ khi đến phan thiết (p2)
Những trải nghiệm không nên bỏ lỡ khi đến phan thiết (p2)Những trải nghiệm không nên bỏ lỡ khi đến phan thiết (p2)
Những trải nghiệm không nên bỏ lỡ khi đến phan thiết (p2)Hanh Hoa
 
Black plague
Black plagueBlack plague
Black plaguemarmar95
 
Il mestiere del traduttore editoriale
Il mestiere del traduttore editorialeIl mestiere del traduttore editoriale
Il mestiere del traduttore editorialeCosi Repossi
 
Codigo para insertar al blog
Codigo para insertar al blogCodigo para insertar al blog
Codigo para insertar al blogyaniris226
 
Ian dewson marries at lavish parkland country club
Ian dewson marries at lavish parkland country clubIan dewson marries at lavish parkland country club
Ian dewson marries at lavish parkland country clubIan Dewson
 

Viewers also liked (14)

kapil (1)
kapil (1)kapil (1)
kapil (1)
 
Những trải nghiệm không nên bỏ lỡ khi đến phan thiết (p2)
Những trải nghiệm không nên bỏ lỡ khi đến phan thiết (p2)Những trải nghiệm không nên bỏ lỡ khi đến phan thiết (p2)
Những trải nghiệm không nên bỏ lỡ khi đến phan thiết (p2)
 
G1803054653
G1803054653G1803054653
G1803054653
 
B.c project
B.c projectB.c project
B.c project
 
Black plague
Black plagueBlack plague
Black plague
 
N130306100103
N130306100103N130306100103
N130306100103
 
resume
resumeresume
resume
 
Il mestiere del traduttore editoriale
Il mestiere del traduttore editorialeIl mestiere del traduttore editoriale
Il mestiere del traduttore editoriale
 
Codigo para insertar al blog
Codigo para insertar al blogCodigo para insertar al blog
Codigo para insertar al blog
 
Car tips for winter
Car tips for winterCar tips for winter
Car tips for winter
 
D1803012022
D1803012022D1803012022
D1803012022
 
Q180203109113
Q180203109113Q180203109113
Q180203109113
 
C1303061622
C1303061622C1303061622
C1303061622
 
Ian dewson marries at lavish parkland country club
Ian dewson marries at lavish parkland country clubIan dewson marries at lavish parkland country club
Ian dewson marries at lavish parkland country club
 

Similar to Enhancement of Data Security in Cloud Computing

fog computing provide security to the data in cloud
fog computing provide security to the data in cloudfog computing provide security to the data in cloud
fog computing provide security to the data in cloudpriyanka reddy
 
Fog computing document
Fog computing documentFog computing document
Fog computing documentsravya raju
 
SECURE DATA TRANSFER BASED ON CLOUD COMPUTING
SECURE DATA TRANSFER BASED ON CLOUD COMPUTINGSECURE DATA TRANSFER BASED ON CLOUD COMPUTING
SECURE DATA TRANSFER BASED ON CLOUD COMPUTINGIRJET Journal
 
An Overview on Security Issues in Cloud Computing
An Overview on Security Issues in Cloud ComputingAn Overview on Security Issues in Cloud Computing
An Overview on Security Issues in Cloud ComputingIOSR Journals
 
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...Zac Darcy
 
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...Zac Darcy
 
Cloud Computing Using Encryption and Intrusion Detection
Cloud Computing Using Encryption and Intrusion DetectionCloud Computing Using Encryption and Intrusion Detection
Cloud Computing Using Encryption and Intrusion Detectionijsrd.com
 
Literature Review: Cloud Computing Security Issues and Techniques
Literature Review: Cloud Computing Security Issues and TechniquesLiterature Review: Cloud Computing Security Issues and Techniques
Literature Review: Cloud Computing Security Issues and TechniquesIJCSIS Research Publications
 
A Journey of Cloud Computing
A Journey of Cloud ComputingA Journey of Cloud Computing
A Journey of Cloud ComputingCETPA
 
Security Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekSecurity Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekEr. rahul abhishek
 
A STUDY OF THE ISSUES AND SECURITY OF CLOUD COMPUTING
A STUDY OF THE ISSUES AND SECURITY OF CLOUD COMPUTINGA STUDY OF THE ISSUES AND SECURITY OF CLOUD COMPUTING
A STUDY OF THE ISSUES AND SECURITY OF CLOUD COMPUTINGEr Piyush Gupta IN ⊞⌘
 
Evaluation Of The Data Security Methods In Cloud Computing Environments
Evaluation Of The Data Security Methods In Cloud Computing EnvironmentsEvaluation Of The Data Security Methods In Cloud Computing Environments
Evaluation Of The Data Security Methods In Cloud Computing Environmentsijfcstjournal
 
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTING
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTINGDATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTING
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTINGijsptm
 
Security Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekSecurity Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekEr. rahul abhishek
 
Security and privacy approach of cloud computing
Security and privacy approach of cloud computingSecurity and privacy approach of cloud computing
Security and privacy approach of cloud computingJahangeer Qadiree
 
Trust based Mechanism for Secure Cloud Computing Environment: A Survey
Trust based Mechanism for Secure Cloud Computing Environment: A SurveyTrust based Mechanism for Secure Cloud Computing Environment: A Survey
Trust based Mechanism for Secure Cloud Computing Environment: A Surveyinventionjournals
 
Security & privacy issues of cloud & grid computing networks
Security & privacy issues of cloud & grid computing networksSecurity & privacy issues of cloud & grid computing networks
Security & privacy issues of cloud & grid computing networksijcsa
 

Similar to Enhancement of Data Security in Cloud Computing (20)

B018211016
B018211016B018211016
B018211016
 
fog computing provide security to the data in cloud
fog computing provide security to the data in cloudfog computing provide security to the data in cloud
fog computing provide security to the data in cloud
 
Fog computing document
Fog computing documentFog computing document
Fog computing document
 
SECURE DATA TRANSFER BASED ON CLOUD COMPUTING
SECURE DATA TRANSFER BASED ON CLOUD COMPUTINGSECURE DATA TRANSFER BASED ON CLOUD COMPUTING
SECURE DATA TRANSFER BASED ON CLOUD COMPUTING
 
G0314043
G0314043G0314043
G0314043
 
B017660813
B017660813B017660813
B017660813
 
An Overview on Security Issues in Cloud Computing
An Overview on Security Issues in Cloud ComputingAn Overview on Security Issues in Cloud Computing
An Overview on Security Issues in Cloud Computing
 
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...
 
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...
 
Cloud Computing Using Encryption and Intrusion Detection
Cloud Computing Using Encryption and Intrusion DetectionCloud Computing Using Encryption and Intrusion Detection
Cloud Computing Using Encryption and Intrusion Detection
 
Literature Review: Cloud Computing Security Issues and Techniques
Literature Review: Cloud Computing Security Issues and TechniquesLiterature Review: Cloud Computing Security Issues and Techniques
Literature Review: Cloud Computing Security Issues and Techniques
 
A Journey of Cloud Computing
A Journey of Cloud ComputingA Journey of Cloud Computing
A Journey of Cloud Computing
 
Security Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekSecurity Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishek
 
A STUDY OF THE ISSUES AND SECURITY OF CLOUD COMPUTING
A STUDY OF THE ISSUES AND SECURITY OF CLOUD COMPUTINGA STUDY OF THE ISSUES AND SECURITY OF CLOUD COMPUTING
A STUDY OF THE ISSUES AND SECURITY OF CLOUD COMPUTING
 
Evaluation Of The Data Security Methods In Cloud Computing Environments
Evaluation Of The Data Security Methods In Cloud Computing EnvironmentsEvaluation Of The Data Security Methods In Cloud Computing Environments
Evaluation Of The Data Security Methods In Cloud Computing Environments
 
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTING
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTINGDATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTING
DATA STORAGE SECURITY CHALLENGES IN CLOUD COMPUTING
 
Security Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekSecurity Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishek
 
Security and privacy approach of cloud computing
Security and privacy approach of cloud computingSecurity and privacy approach of cloud computing
Security and privacy approach of cloud computing
 
Trust based Mechanism for Secure Cloud Computing Environment: A Survey
Trust based Mechanism for Secure Cloud Computing Environment: A SurveyTrust based Mechanism for Secure Cloud Computing Environment: A Survey
Trust based Mechanism for Secure Cloud Computing Environment: A Survey
 
Security & privacy issues of cloud & grid computing networks
Security & privacy issues of cloud & grid computing networksSecurity & privacy issues of cloud & grid computing networks
Security & privacy issues of cloud & grid computing networks
 

More from IOSR Journals

More from IOSR Journals (20)

A011140104
A011140104A011140104
A011140104
 
M0111397100
M0111397100M0111397100
M0111397100
 
L011138596
L011138596L011138596
L011138596
 
K011138084
K011138084K011138084
K011138084
 
J011137479
J011137479J011137479
J011137479
 
I011136673
I011136673I011136673
I011136673
 
G011134454
G011134454G011134454
G011134454
 
H011135565
H011135565H011135565
H011135565
 
F011134043
F011134043F011134043
F011134043
 
E011133639
E011133639E011133639
E011133639
 
D011132635
D011132635D011132635
D011132635
 
C011131925
C011131925C011131925
C011131925
 
B011130918
B011130918B011130918
B011130918
 
A011130108
A011130108A011130108
A011130108
 
I011125160
I011125160I011125160
I011125160
 
H011124050
H011124050H011124050
H011124050
 
G011123539
G011123539G011123539
G011123539
 
F011123134
F011123134F011123134
F011123134
 
E011122530
E011122530E011122530
E011122530
 
D011121524
D011121524D011121524
D011121524
 

Recently uploaded

Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesZilliz
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 

Recently uploaded (20)

Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector Databases
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 

Enhancement of Data Security in Cloud Computing

  • 1. IOSR Journal of Computer Engineering (IOSR-JCE) e-ISSN: 2278-0661,p-ISSN: 2278-8727, Volume 18, Issue 2, Ver. IV (Mar-Apr. 2016), PP 12-17 www.iosrjournals.org DOI: 10.9790/0661-1802041217 www.iosrjournals.org 12 | Page Enhancement of Data Security in Cloud Computing: Issues and Challenges 1 Obed Jatauwycliff,2 Abdulrahman Saidu, 3 SuleimanAdamu 1 Information & Communication Technology Unit, Federal Polytechnic Bali, Taraba State 2 Department Computer Science, Federal Polytechnic Bali, Taraba State 3 Department of Computer Science, Federal College Of Education Yola, Adamawa State. Abstract: Cloud computing can save an organization’s time and money but trusting the system is very much important because the real asset of any organization is the data which they share in the cloud to use the needed service by putting it directly in the relational database.No organization can transfer its data or information to a third party until a bridge of trust is built. This paper provides a concise and all round analysis on data security and privacy protection issues associated with computing across all stages of data life cycle. It argues that, in contrast to the traditional solution where unauthorized third party can access organizational data illegally which raises a serious concern since data is scattered at different places all over the globe. The security concerns of users need to be addressed to make cloud environment safe and trustworthy. Every cloud provider solves this by encrypting data using encryption algorithm which is inadequate. The paper concludes by recommending that in addition to the traditional methods, the security of cloud computing can also be enhanced through authentication using thumb print, face, voice and image identification. Keywords:Cloud computing, Information Technology, Data Integrity, Authentication, Security and Challenges. I. Introduction Cloud computing is a type of computing that relies on sharing computing resources rather than having local services on personal devices to handle applications. In cloud computing, the word cloud is used as a metaphor for the internet.So the phrase Cloudmeans a type of internet based computing, where different services, storages and applications are delivered to an organization‟s computers and devices through the internet. Thus, Cloud Computing means storing and accessing data and programs over the internet instead of computer‟s hard drive. It can also be seen as the hardware and software resources in the data centers that provide diverse services over the network or internet to address the user requirements (Leavitt, 2009). A lot of research has been done on the potentials of cloud and the services that cloud computing can and could offer. In essence though, these services can be categorized into four main sections: Storage as a Service (StaaS), Platform as a Service (PaaS), Infrastructure as a Service (IaaS) and Software as a Service (SaaS).Cloud offers a storage space that is enormous, seemingly endless, and growing every day. Storage as a Service (StaaS) enables cloud applications to scale beyond their limited servers. Cloud storage systems are expected to meet several laborious equipment for maintaining users‟ data and information, including high availability, reliability, performance, replication and data consistency. In addition to those services, consumers are also relieved of their responsibility to own and maintain their own computer storage as cloud vendors offer them the choice of storing their information in the cloud which is accessible whenever they want. Cloud computing offers a prominent service for data known as cloud storage, but data security has always remained a major issue in IT and in cloud, it is particularly of serious concern since data are scattered at different places all over the globe. It can equally save an organization‟s time and money but trusting the system is very much important because the real asset of any organization is the data which they share in the cloud to use the needed services by putting it directly in the relational database through an application. But the security concerns of users must be addressed to make cloud environment trustworthy. In cloud computing a trustworthy environment is a basic prerequisite to win confidence of a user to adopt such technology. Data protection and security are the two main foremost factors for gaining user‟s trust and making the cloud successful. From the perspective of data security, which has always been an important aspect of quality of service, cloud computing inevitably poses new challenging security threats for number of reasons; Data stored on cloud servers is not completely secure from infection. While popular cloud services such as Google Docs are equipped with virus scanning software, there is still the possibility of an internal or external attack affecting your data; The data stored in the cloud may be frequently updated by the users, including insertion, deletion, modification; appending, reordering, etc. this post another challenge in cloud computing; In cloud computing there are three primary users that manage database i.e. User, Cloud Service Provider (CSP) and Third Party Auditor (TPA), each of this need an independent authentication to access the database. This is another issue in cloud computing
  • 2. Enhancement of Data Security In Cloud Computing: Issues And Challenges DOI: 10.9790/0661-1802041217 www.iosrjournals.org 13 | Page that need security. Albeit the above challenges, this paper attempts to discuss how the security of cloud computing can further be enhanced to make it safe and trustworthy. II. Definition Of Key Terminologies Cloud Computing Security (CCA): It refers to a broad set of policies, technologies, and controls deployed to protect data, applications, and the associated infrastructure of cloud computing User:Users, who have data to be stored in the cloud and rely on the cloud for data computation, consist of both individual consumers and organizations. Cloud Service Provider (CSP):Is one who has significant resources and expertise in building and managing distributed cloud storage servers, owns and operates live cloud computing. Third Party Auditor (TPA):An optional TPA, who has expertise and capabilities that users may not have, is trusted to assess and expose risk of cloud storage services on behalf of the users upon request. III. Benefits Of Cloud Computing Cloud computing plays an important role in the advancement of Information Technology (IT) hence, adding value to human life. Some of the advantages are enumerated below:  It provide availability ofa huge array of software applications, seemingly unlimited storage, has given access to lightning processing power and the ability to easily share information across the globe.  Cloud computing allows consumers and corporate structure to use all the applications offered by the cloud without the extra effort of instillation and also offers access to their personal file from any computer anywhere at any time with internet access.  It offers access to a large number of sophisticated supercomputer and their resultant processing power, connected as numerous locations around the world, thus offering speed in the tens of trillions of computations per second.  It also promises tangible cost saving and speed to costumers. Despite these advantages, the cloud is not completely safe or trustworthy since data of the users can be compromised or illegally accessed by an unauthorized third party. This paper attempts to proffersolution on how to enhance security in cloud computing to make it safer, trustworthy and reliable. IV. Related Works Cloud computing is an informal expression used to describe different types of computing concepts that involve a large number of computers connected through a real-time communication network such as the Internet. This means it refers to network-based services which appear to be provided by real server hardware, which in fact served up by virtual hardware, simulated by software running on one or more real machines. Such virtual servers do not physically exist and can therefore be moved around and scaled up (or down) on the fly without affecting the end user - arguably, rather like a cloud (Carrol et al. 2012). Cloud computing has emerged to become one of companies‟ greatest means of reviving and enhancing their business and IT infrastructure. Nevertheless, there are certain data security issues and challenges related to cloud computing. In everyday computing, security is one of the most acute aspects to be considered and it is no less important for cloud computing due to the sensitivity and significance of data stored in the cloud, (Al Zain et al. 2012). In cloud computing operations, there are issues of secure data transfer, secure software interfaces, secure stored data, and user access control and data separation, which are very important in ensuring the integrity of client data(Beckham, 2011). Rewagad and Pawar (2013) maintains that in cloud computing, organizations can use services and data that can be stored at any location beyond their control, this facility has raised various security questions such as privacy, confidentiality, integrity etc., and it demands a trustworthy computing atmosphere where data confidentiality can be maintained. The authors have proposed a very good solution to the security questions raised by using three kinds of protection scheme. One is to use the Diffie-Hellman Algorithm to generate keys for the key exchange step. Next, digital image signature will be used for authentication; afterwards, the Advance Encryption Standard (AES) encryption algorithm will be used to encrypt or decrypt the user‟s data file. In the cloud computing environment, data security issues can be divided into four types: safety problems caused by virtual technology; root authority of the data centre; data security and consistency; and problems prompted by new technology, (Han and Zhang, 2012). In order to overcome the outlined security issues the authors introduced new technology, which is the agent. According to them, at present, agent-oriented technology as a software system designed and developed by new methods is of widespread interest in academia and the business community. Its features are autonomy, responsiveness, initiative, social and others. Likewise, data transmissions in networks are often intercepted, tampered with or replaced by hackers (Weihai, 2013). This author outlined that there is a guarantee of the security of data transmission on the network to HTTPS, or TCP/IP, which is coupled with modern cryptographic algorithms and network security equipment.
  • 3. Enhancement of Data Security In Cloud Computing: Issues And Challenges DOI: 10.9790/0661-1802041217 www.iosrjournals.org 14 | Page Another problem mentioned is that data storage security is non-volatile or has a fast recovery after a loss. It was proposed that this security issue be taken into consideration by software engineers in the design stage of cloud storage services. Also, data redundancy, dynamic, and isolation should be included in the design. It was added that management needs to consider the replacement or deactivation of service providers because, once the cooperation agreement expires, as the user may disable a service, it is uncertain what will happen to the data stored in the cloud or whether it will be returned to its owner. The solution he provided is to use the products of another service provider, who will then deal with seamless data panning. Furthermore, it was maintained that, in cloud computing infrastructure, the sharing of physical resources causes crises in data security and privacy, and one can no longer rely on a physical machine or network boundary. Moreover, users worry about the transparency of the data storage location. Therefore, it has been suggested that relevant laws and regulations be put in place as soon as possible and must be compatible with data between cloud computing service providers and client to ensure that seamlessly pan (faultless damage) data, and service providers should establish effective and efficient disaster recovery machinery to guarantee the accessibility of the data (ibid). Similarly, one of the most important concerns about cloud data storage is data integrity verification and untrustworthy servers. Another big concern from the previous design of cloud computing is that of supporting dynamic data operation for cloud data storage, (Wang et al. 2011). In order to solve these problems, these authors have proposed cloud data storage architecture with three basic components; One of them is the client, an entity that has large data files to be stored in the cloud and relies on the cloud for data maintenance and computation; they can be either individual dual consumers or organizations. The second is Cloud Storage Server (CSS), an entity managed by the Cloud Service Provider (CSP). The third component is the third-party auditor, an entity with the expertise and capabilities that clients do not have, who is trusted to assess and expose the risks of the cloud storage service on behalf of the clients at their request. The foregoing shows the important role that cloud computing plays in managing data across the world through computer networks by the service of the Internet. Effective and efficient management of data in the cloud has posed many security challenges that need to be addressed. However, various solutions have been proposed and some have been implemented. Nonetheless, there are some gaps that need to be filled in order to obtain a dynamic, functional and secure cloud computing atmosphere. V. Security Issues And Challenges Companies and organization are rapidly moving unto cloud because they can now use the best resources available in the global market in the blink of an eye and thus reduce their operations cost drastically. But as more information is moved to the cloud, the security concern have started to develop. Some of the security challenges are classified below: Defect of Trend The IBM developed a fully homomorphic encryption scheme in June 2009. This scheme allows data to be processed without being decrypted. Roy I and Ramadan HE applied Decentralized Information Flow Control (DIFC) and differential privacy protection technology into data generation and calculation stages in cloud and put forth a privacy protection system called airavat. This system can prevent privacy leakage without authorization in Map-Reduce computing process. A key problem for data encryption solutions is key management. On one hand, the users have not enough expertise to manage their keys. On the other hand, the cloud service providers need to maintain a large number of user keys. The organization for the Advancement of Structured Information Standards(OASIS) key Management Interoperability Protocols (KMIP) is trying to solve such issues.(OASIS, NY).About data integrity verification, because of data communication, transfer fees and time cost, the user cannot first download data to verify its correctness and then upload the data. And as the data is dynamic in cloud storage, traditional data integrity solutions are no longer suitable. NEC Labs Provable Data Integrity (PDI) solution can support public data integrity verification,(Zeng K, 2008). Also, Cong Wang et al( 2009: 1-9)proposed a mathematical way to verify the integrity of the data dynamically stored in the cloud.In the data storage and use stages, Mowbray proposed a client-based privacy management tool. It provides a user centric trust model to help users to control the storage and use of their sensitive information in the cloud. Munts-Mulero discussed the problems that existing privacy protection technologies (such as K anonymous, Graph Anonymization, and data pre-processing methods) faced when applied to large data and analyzed current solutions. The challenge of data privacy is sharing data while protecting personal privacy information. In a related development,RandikeGanjanayake proposed a privacy protection framework based on Information Accountability (IA) components. The IA agent can identify the users who are accessing information and the types of information they use. When inappropriate misuse is detected, the agents defines a set of method to hold the users accountable for misuse, (RandikeGajanayake, et al, September 2006).
  • 4. Enhancement of Data Security In Cloud Computing: Issues And Challenges DOI: 10.9790/0661-1802041217 www.iosrjournals.org 15 | Page Data Integrity  Data breaching is the biggest security issue. A capable hacker can easily intrude in to a client side application and get into the client‟s confidential data.  Inefficient and flawed APIs (Access Point Infrastructures) and interfaces become easy targets.IT companies that provide cloud services allow third party companies to modify the APIs and introduce their own functionality which in turns allows these companies to understand the inner working of the cloud.  Denial of Service (DoS) is also a major threat wherein the user is granted partial or no access to his/her data. Companies now use cloud 24/7 and DoS can cause huge increase in cost both for the user and service provider.  Connection eavesdropping means that a hacker can scan your online activities and reproduce/replay a particular transmission to get into your private data. It can also lead the user to illegal or unwanted sites.  Data loss is another issue. A malicious hacker can wipe the data or any natural/man-made disaster can destroy your data. In such cases having an offline copy is a big advantage. Carelessness of service provider can also lead to data loss.  Compatibility between different cloud services is also an issue. If a user decides to move from one cloud to another the compatibility ensures that there is no loss of data.  Cloud can also be used for wrong purposes i.e. cloud abuse. Due to the availability of latest technologies on the cloud it can be used for high end calculations which cannot be done on a standard computer.  Insufficient understanding of cloud technologies can lead to unknown levels of risk. Companies move to cloud because it provides substantial reduction in cost but if transfer is done without proper background learning. The problem arise can be even greater.  Inside theft in the form of a current or former employee, a contractor, etc who is able to use the data for harmful purposes.  Safe storage of encryption keys is also a problem. Even if you are using encryption for enhanced security, safe keeping becomes an issue. Who should be the owner of the key? User seems to be the answer but how diligent and careful can he/she decide the security of the data.( Notorious Nine, Cloud Security, Info World February 25, May 2013 accessed from http://www.infoworld.com)  Disaster and Data Breach: with the cloud security as a single centralized repository for a company‟s mission-critical data, the risks of having that data compromised due to a data breach or temporarily unavailable due to a natural disaster are real concerns. Therefore, clients need to know how their data is being secured and what measure of the integrity and availability of data in case of natural disaster. Also, what is the measure if there breach agreement between the cloud and clients? Minqui Zhou et al. (2010) andKresimirpopovic et al. (2010) classify the various threats concerning cloud security in the following areas:  Access: The aim of cloud services to provide information to the user from any place, at any time. As a web service cloud enables the user to access his/her data from anywhere and this is applicable to all the services being provided by it. The client should know where data is being stored. In a situation where the client ask the cloud service provider to delete his/her data. The data should be deleted. The cloud service provider should not withhold any information.  Control: In a cloud, controlling the system and its use is important. The amount of data that is visible to any member of the service provider should be controlled. The visibility of the data defines the level of control.  Compliance: Proper authorities need to define laws to govern the safekeeping of data in the cloud because cloud can cross multiple jurisdictions around the world. If a piece of data is stored in a different country and it contains sensitive data that is wanted by the authorities than the rules apply on data that data.  Data Integrity: Data integrity in simple terms means that the data is preserved and no changes are made without the user‟s permission. In cloud, data integrity is a fundamental requirement.  Audit: This means to keep a simple check on the activities happening on the cloud. The presence of an auditing mechanism can maintain a long list of events to help prevent breaches.  Privacy Breaches: The cloud service provider should inform its user about any breach in security. The user has to the right to know what‟s happening in his/her space.  Confidentiality: This ensures that the user‟s data is kept secret. Confidentiality is one aspect of cloud storage security that will raise questions in a common users mind. Cloud as such is a public network and is susceptible to more threats, thus, confidentiality is very important.
  • 5. Enhancement of Data Security In Cloud Computing: Issues And Challenges DOI: 10.9790/0661-1802041217 www.iosrjournals.org 16 | Page VI. Techniques Of Enhancing Data In Cloud Computing The encryption algorithm: Thisis the most commonly used technique to protect data cloud environment. The data related to a client can be categorized as public data and private data. The public data is sharable among trusted clients that provide an open environment for collaboration. Private data is client‟s confidential data that must be transferred in encrypted form for security and privacy. According to key characteristics, modem cryptosystem can be classified into symmetric cryptosystem and asymmetric cryptosystem. For a symmetric cryptosystem, the sender and receiver share an encryption key and decryption key. These two keys are the same or easy to deduce each other. The representatives of symmetric cryptosystem are DES (Data Encryption Standard), 3DES and AES (Advanced Encryption Standard. For an asymmetric cryptosystem, the receiver possesses public key and private key. The public key can be published but the private key should be kept secret.The cloud architecture deployed with samba storage uses operating system feature specifying permission values for three attribute (User/Owner, Group andGlobal) and maps it to cryptographic application which performs cryptographic operations. Cryptographic application: Thissupports symmetric and asymmetric encryption algorithm to encrypt/decrypt data for uploading/downloading within cloud storage.Users should be equipped with security means so that they can make continuous correctness assurance of their stored data even without the existence of local copies. In case that user does not necessarily have the time, feasibility or resources to monitor their data, they can make or delegate the tasks to an optional trusted TPA of their respective choices. In our model, we assume that the point-to point communication channels between each cloud server and the user is authenticated and reliable, which can be achieved in practice with little overhead. Data Protection: Securing your data both at rest and in transit: Implementing a cloud computing strategies means placing critical data in the hands of a third party, so ensuring the data remains secure both at rest (data residing on storage media) as well as when in transit is of paramount important. Data needs to be encrypted at all times, with clearly defined roles when it comes to who will be managing the encryption keys. In most cases, the only way to truly ensure confidentiality of encrypted data that resides on a cloud provider‟s storage servers is for the client to own and manage the data encrypted keys. Contingency Planning:cloud providers necessary measures for internal external backup in case of natural disasters.Additionally, companies should also have contingency plans in place in the event their cloud provider fails or goes bankrupt User Authentication: limiting access to data and monitoring who accesses the data:Data resting in the cloud needs to be accessible only by those who authorized to do so. In order to ensure the integrity of user authentication, companies need to be able to view data access logs and audit trails to verify that only authorized users are accessing the data. To achieve this, various steps of authentication are provided in terms of communication among Client machine with cryptographic module and server storage. VII. Conclusion The authors were able to examine and reveal the security issues and challenges that generally affect the integrity of data in cloud computing. They also outlined possible techniques that will assist enhancement of data reliability in cloud computing environment. In addition, the authors suggested good ways of collaboration between cloud computing providers and clients. VIII. Recommendation In this digital age of globalization, the role that cloud computing plays in managing data across the world through computer networks by the service of the Internet which in turn has improved research and development, commerce and industry, corporate governance, health and related issues cannot be taken with levity. Thus, effective and efficient management of data in cloudcomputing becomes not only important but necessary. Therefore, many security challenges posed and needbe addressed. Despite the fact that various solutions have been proposed and some have been implemented (as discussed), there still remain some gaps that need to be filled in order to obtain a dynamic, functional and secure cloud computing atmosphere. In view of the above, the following techniques/algorithm were suggested that will provide secure atmosphere:  Username and password allocated to user for access to server storage  Verification and validation are performed by matching details stored in server storage  After user authentication storage is allocated for uploading and downloading  Cryptographic application based on AES and ECC with SHA used for encryption/decryption operation on data.  The user should be provided with storage space and decides to upload data using encryption application or directly on storage.  Data downloaded from storage space and decrypted using key stored in user‟s mail server  After upload and download user logout from server storage  Storage loaded to server and connection terminated.
  • 6. Enhancement of Data Security In Cloud Computing: Issues And Challenges DOI: 10.9790/0661-1802041217 www.iosrjournals.org 17 | Page In addition, the use of thump print, face, and voice and image identification should be adopted for user authentication. Reference [1]. Al Zain, M., Soh, B., &Pardede, E. (2012). A New Approach Using Redundancy Technique to Improve Security in Cloud Computing. IEEE. [2]. Beckham, J. (2011), „The Top 5 Security Risks of Cloud Computing‟ available at: http://blogs.cisco.com/smallbusiness/the-top-5- security-risks-of-cloud-computing/(accessed 17/09/2013). [3]. Chanderetal.(2013)International Journal of Advanced Research in Computer Science and Software Engineering Vol 3(5) May - 2013, pp. 570-575 [4]. Han, D. and Zhang, F. (2012), Applying Agents to the Data Security in Cloud Computing. International Conference on Computer Science and Information Processing (CSIP). IEEExplore Pp. 1126 – 1127 [5]. kresimirpopovic and ZeljkoHocenski (2010) Cloud Computing Security and Challenges in MPRO Mariana Carroll, Paula Kotzé, Alta van der Merwe (2012). "Securing Virtual and CloudEnvironments". In I. Ivanov et al. Cloud Computing and Services Science, Service Science: Research and Innovations in the Service Economy. Springer Science+Business Media.doi:10.1007/978-1- 4614-2326-3. [6]. Minqui Zhou, Rong Zhang, etal. (2010)“ Security and Privacy in Cloud Computing: A Survey” In Sixth International Conference on Semantics, Knowledge and Grids.No author stated, (NY) Notorious Nine, Cloud Security, Info World February 25, May 2013 [Online] http://www.infoworld.com [7]. Rewagad, P. and Pawar, Y. (2003), Using Digital Signature with Differ Hellman Key Exchange and AES Encryption Algorithm to Enhance Data security in Cloud Computing. International Conference on Communication System and Network TechnologiesIEEExplore Pp. 437 - 438 [8]. VeerajuGampala, SrilaskhmiInuganti, Satish Muppidi, “Data Security in Cloud Computing with Elliptic Curve Cryptography” vol. 2 Issues 3, July, 2012. [9]. Weihai, P.R. (2013), Data Security in Cloud Computing. The 8th International Conference onComputer Science and Education (ICCSE)IEEExplor. Pp. 811- 813 Columbo, Sri Lanka [10]. Wang, Q., Wang, C., Ren, K., Lou, W. and Li, J. (2011). Enabling Public Auditability and Data Dynamics for Storage Security in Cloud ComputingIEEE Transactions on Parallel and Distributed System Vol. 22, No. 5, Pp. 848 – 849.